SQL Injection is an extremely prevalent and dangerous risk to any web application and is so easy to perform. A SQLi attack can lead to sensitive information being leaked directly from the database, malware being served, data integrity compromised and so on.

To use and populate SQL parameters you first need to derive parameters from the command string and then populate a collection with values.

You will need to trim the return string as DB2 will return a padding string as defined on the physical file on the AS400. For example, the field is defined as 50 characters, but only populated with 10, you will still get 50 characters back.

Using iDB2DataAdapter and DataSet with DB2

If you would prefer to retrieve all results in once, i.e. data binding to a control, you can use the iDB2DataAdapter and Microsoft DataSet classes.

Greetings, I am trying to run multiple statements in a iDB2DataAdapter and I do not know what separator to use for between SQL Query Statements. Using the System iNavigator "Run SQL Scripts functionality, you can run multiple query statements when you separate them with a semicolon ";" That does not work with the iDB2DataAdapter. If you terminate the first command with a ";", it returns the error:"SQL0104 Token ; was not valid. Valid tokens: ." Replacing the ";" with "END-OF-STATEMENT" returns the error:"SQL0199 Keyword END not expected. Valid tokens: FOR USE SKIP WAIT WITH FETCH ORDER UNION EXCEPT OPTIMIZE." Putting "BEGIN" and "END' around statements did not help.

It can be hard to find information like this. If you have any suggestions, they would be appreciated. Thanks, Michael

We respect your privacy, and will not make your email public. Hashed email address may be checked against Gravatar service to retrieve avatars. This site uses Akismet to reduce spam. Learn how your comment data is processed.

Save my name, email, and website in this browser for the next time I comment.

About the Author

Tim Trott

Tim Trott is a creative photographer, traveller, astronomer and software engineer with a passion for self-growth and a desire for personal challenge.

Hi, I'm Tim Trott. I'm a creative photographer, traveller, astronomer and software engineer with a passion for self-growth and a desire for personal challenge.

This is my website, a place for me to share my experiences, knowledge and photography. I love to help people by writing articles and tutorials about my hobbies that I'm most passionate about. I hope you enjoy reading my articles as much as I enjoy writing them.